site-site VPN. remote site has same private network id

We are trying to plan a site-site vpn connecting our corporate network to a vendor's network. Both firewalls are Cisco ASA 5510s. The problem is, their private network ID matches a network ID that exists on our private WAN, which is 192.168.100.0/24. This network id is what actually connects interfaces of our remote site routers via fiber. But, I digress. How is the tunnel going to be established with the remote network given that the destination network matches a network id on our own WAN? Will I have to use NAT?

Thanks for any insight. We have successfully set up site-sites with this firewall, but I have never run into a problem where the destination network happens to match one of our internal ids on the WAN.

Re: site-site VPN. remote site has same private network id

Hi

Yes you will have to use NAT. If the traffic is intitiated from both ends of the VPN then you will need to NAT both networks and present them internally to each LAN as some other network address range. So at your end you need to present to your internal users the remote 192.168.100.0/24 addresses as a different network range and so will the customer.

Re: site-site VPN. remote site has same private network id

Hi,

I have a same problem and i have NAT my local IP before sending to one IPSEC tunnel due to customer policy. I am still unable to NAT using Policy Based NAT on PIX 515E 7.0, I feel like there is a global pool is missing in above configuration example.

We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...
view more